A computer stolen from
Germanton Elementary school holds students' SSNs. The data on the
computer are encrypted.

Information Source:Dataloss DB

records from this breach used in our total: 0

October 16, 2006

VISA, FirstBank (1st Bank)Lakewood, Colorado

BSF

UNKN

Unknown

FirstBank sent a letter
to an unknown number of customers informing them their FirstTeller
Visa Check Card numbers were compromised when someone accessed “a
merchant card processor's transaction database.” The FirstBank letter
said customers would receive new cards by October 27.

Information Source:Dataloss DB

records from this breach used in our total: 0

October 16, 2006

Dr, Charles Kay of Orchard Family PracticeEnglewood, Colorado

MED

PHYS

"Hundreds"

Sheriff's deputies evicting
Dr. Charles Kay put files from his office in a nearby parking lot.
In a news report, Dr. Kay said he had removed the patient files but
not the business files.

Information Source:Media

records from this breach used in our total: 100

October 16, 2006

Twin Tier MortgageElmira, New York

BSF

STAT

34

An office burglary occurred sometime between October 13 and October 15. A computer with the information of some, but not all clients was stolen. partial list of client information was stolen. Social Security numbers of applicants, names, addresses, phone numbers, dates of birth, income, assets and other mortgage related financial information may have been exposed. At least 34 New York residents were affected, but the total number of affected clients nationwide was not revealed.

Information Source:Dataloss DB

records from this breach used in our total: 34

October 17, 2006

City of Visalia, Recreation DivisionVisalia, California

GOV

PHYS

200 current and former
employees

Personally identifiable
information of approximately 200 current and former Visalia Recreation
Department employees was exposed when copies of city documents were
found scattered on a city street.

Information Source:Dataloss DB

records from this breach used in our total: 200

October 19, 2006

Allina Hospitals and ClinicsMinneapolis, Minnesota

MED

PORT

Individuals in 17,000 households

A laptop stolen from
a nurse's car on October 8 contains the names and SSNs of individuals
in approximately 17,000 households participating in the Allina Hospitals
and Clinics obstetric home-care program since June 2005.

Information Source:Dataloss DB

records from this breach used in our total: 17,000

October 19, 2006

University of MinnesotaMinneapolis-St.Paul, Minnesota

EDU

PORT

200 students (not included
in total)

In June, a University of
Minnesota art department laptop computer stolen from a faculty member
while traveling in Spain holds personally identifiable information
of 200 students.

On Sept. 6, an unencrypted
laptop computer containing veterans' names, Social Security numbers,
and medical diagnosis, was stolen from the Hospital. Veterans who receive pulmonary care were affected.

Information Source:Dataloss DB

records from this breach used in our total: 1,600

October 20, 2006

BlueCross BlueShield of Western New York, HealthNow New York Inc., Administrative Services of KansasBuffalo, New York

BSF

PORT

96

The theft occurred in a Kansas hospital. Potential HealthNow New York Inc. members were affected.

The laptop of an employee of HealthNow's outside claims vendor Administrative Services of Kansas was stolen during the lunch break of a presentation. The laptop had potential member names and Social Security numbers. The theft occurred sometime around June 19 and notification letters were sent on October 16.

On July 28, 2006, a contractor working for Advanced Receivables Strategy, a medical billing records company, misplaced CDs containing the names and SSNs of 266,200 patients, employees, physicians, and board members of St. Francis hospitals in Indiana and Illinois. About 260,000 patients and about 6,200 employees, board members and physicians were affected for a total of 266,200. Also affected were records of Greater Lafayette Health Services. The disks were inadvertently left in a laptop case that was returned to a store. The purchaser returned the disks. The records were not encrypted even though St. Francis and ARS policies require encryption.

Information Source:Dataloss DB

records from this breach used in our total: 266,200

October 23, 2006

Chicago Voter DatabaseChicago, Illinois

GOV

DISC

1.35 million Chicago residents

An official from the not-for-profit
Illinois Ballot Integrity Project says his organization hacked into
Chicago's voter database, compromising the names, SSNs and dates of
birth of 1.35 million residents. The Chicago Election Board is reportedly
looking into removing SSNs from the database. Election officials have
patched the flaw that allowed the intrusion.

Information Source:Dataloss DB

records from this breach used in our total: 1,350,000

October 23, 2006

Mount Sinai Medical CenterNew York, New York

MED

PORT

311

A flash drive that contained visitor names, Social Security numbers, children's names, children's dates of birth and dates of visit was lost or stolen during an emergency evacuation. A researcher working with data from New York Children's Environmental Study conducted in Community Medicine reported that the flash drive she left in her computer was missing after she returned sometime around October 5.

Information Source:Dataloss DB

records from this breach used in our total: 311

October 24, 2006

Jacobs Neurological InstituteBuffalo, New York

MED

PORT

Unknown

The laptop of a research
doctor was stolen from her locked office at the Institute. It included
records of patients and her research data.

Information Source:Media

records from this breach used in our total: 0

October 24, 2006

Bethpage Federal Credit UnionBethpage, New York

BSF

PHYS

106

A courier's envelope was delivered to the Credit Union ripped and missing the twenty reports it was supposed to contain. Some of the reports contained confidential information such as name, address, telephone number, credit card number, and financial institution checking account number.

Information Source:Dataloss DB

records from this breach used in our total: 106

October 25, 2006

Transportation Security Administration (TSA)Portland, Oregon

GOV

PORT

900 current and former
Oregon TSA employees

A thumb drive is missing
from the TSA command center at Portland International Airport and
believed to contain the names, addresses, phone numbers and Social
Security numbers of approximately 900 current and former employees.

Information Source:Media

records from this breach used in our total: 900

October 25, 2006

Swedish Medical Center, Ballard CampusSeattle, Washington

MED

INSD

Up to 1,100 patients

(800) 840-6452

An employee stole the names,
birthdates, and Social Security numbers from patients who were hospitalized
or had day-surgeries from June 22 to Sept 21. She used 3 patients'
information to open multiple credit accounts.

Information Source:Dataloss DB

records from this breach used in our total: 1,100

October 25, 2006

Tuscarawas County and Warren CountyTuscarawas County, Ohio

GOV

DISC

Unknown

Additional location: Warren County, OH

The Social Security numbers
of some Tuscarawas and Warren County voters were available on the
LexisNexis Internet database service. Local boards of elections may be the source of the information.

UPDATE
(11/1/06): LexisNexis says it has now removed the SSNs.

Information Source:Dataloss DB

records from this breach used in our total: 0

October 25, 2006

Department of Homeland SecurityPortland, Oregon

GOV

PORT

900

A computer storage device that may have held the personal information of current and former employees was lost or stolen. The device had names, Social Security numbers, addresses and telephone numbers. The device was discovered missing on October 16 at the Transportation Security Administration's command center at Portland International Airport.

Information Source:Dataloss DB

records from this breach used in our total: 900

October 26, 2006

Akron Children's HospitalAkron, Ohio

MED

HACK

235,903

Overseas hackers broke into
two computers at Children's Hospital. One contains private patient
data (including Social Security numbers) and the other holds billing
and banking information.

Information Source:Dataloss DB

records from this breach used in our total: 235,903

October 26, 2006

Empire Equity GroupCharlotte, North Carolina

BSF

PHYS

Unknown

Mortgage files that included
personal financial details about loan applicants were found in a dumpster.
Empire Equity will pay
$12,500 to the State of NC.

The Denver Police Dept.
reports that LimeWire's file-sharing program was exploited to access
personal and financial information from
approximately 75 different individual and business account names from
all over the country. The
information, which included tax records, bank account information,
online bill paying records and
other material, appears to have been stolen directly from computers
that were using LimeWire's filesharing
software program.

On October 5, 2006, a laptop
computer containing 401(k) information for employees of at least one
company (Atlantic Plastics, Inc.) was stolen from accounting firm
Hancock Askew.

Information Source:Dataloss DB

records from this breach used in our total: 0

October 27, 2006

LexisNexisBoca Raton, Florida

BSO

PORT

449

A package containing an employee's laptop computer was lost by an overnight courier service during shipping. The laptop may have included the names, Social Security numbers, driver's license numbers, dates of birth and addresses of certain individuals. At least 53 residents of Maine and 396 residents of New York were affected, but the total number of affected individuals nationwide was not reported.

Information Source:Dataloss DB

records from this breach used in our total: 449

October 27, 2006

Link Staffing ServicesHouston, Texas

BSO

STAT

332,000

On September 26 it was discovered that a computer server was stolen during an office burglary. The server had employee names and Social Security numbers. Current and former employees were notified at the end of October after an investigation of the breach.

Information Source:Dataloss DB

records from this breach used in our total: 332,000

October 29, 2006

New York UniversityNew York, New York

EDU

PORT

30,000

Backup CDs from the Continuing Medical Education program at NYU Medical Center were lost or stolen. Names, Social Security numbers, addresses, telephone and fax numbers, student ID numbers, debit or credit card information and degree information for students participating in the program between 1999 and the discovery of the loss may have been exposed.

Information Source:Dataloss DB

records from this breach used in our total: 30,000

October 30, 2006

National Financial Partners (NFP)New York, New York

BSF

INSD

4,327

A former payroll department employee may have had access to former and current employee information. The information included Social Security numbers, addresses and birth dates. The employee was not authorized to view the information. It is unclear if the employee still had access to the electronic files after termination.

Information Source:Dataloss DB

records from this breach used in our total: 4,327

October 31, 2006

AvayaMaitland, Florida

BSO

PORT

Unknown

Additional location: Basking Ridge, NJ A laptop stolen from an Avaya employee on October 16 in Florida contained personally identifiable information, including names, addresses, W-2 tax form information and SSNs.

Information Source:Dataloss DB

records from this breach used in our total: 0

October 31, 2006

Community National Bank, Crowe Chizek & Company LLCGreat Neck, New York

BSF

PORT

90

The Bank was notified of a potential security breach by its auditor Crowe. Two laptops belonging to Crowe auditors were stolen from a car in a restaurant parking lot on October 12. One laptop contained the names, Social Security or tax identification numbers, addresses and account numbers of clients from a November 2005 confirmation trial.

Information Source:Dataloss DB

records from this breach used in our total: 90

October 31, 2006

Yates County Public HealthPenn Yan, New York

MED

PORT

68

A laptop computer used for Child Health Plus, Medicaid and Family Health Plus plans was stolen from a vehicle on October 20. It contained application information which included name, Social Security number, date of birth, driver's license number, bank account and personal checking information and employer information. At least 68 New York residents were affected, but the total number of affected individuals nationwide was not revealed.

Information Source:Dataloss DB

records from this breach used in our total: 68

November 1, 2006

U.S. Army Cadet CommandFort Monroe, Virginia

GOV

PORT

4,600 high school seniors

1-866-423-4474, Email: mydata@usaac.army.mil

A laptop computer was stolen
that contained the names, addresses, telephone numbers, birthdates,
Social Security numbers, parent names, and mother's maiden names of
applicants for the Army's four-year ROTC college scholarship.

In September 2006, a laptop
computer was stolen from the insurance brokerage firm. It contained
client information including the names, birthdates, and drivers license
numbers of Villanova University students and staff who drive university
vehicles.

On Oct. 14, a desktop computer was stolen from a state contractor who processes Colorado child support payments for the Dept. of Human Services. Computer also contained the state's Directory of New Hires.

UPDATE (12/07/2006) When initially posted to this list, the number 1.4 million was not added to the total because we could not confirm if SSNs were exposed. The PRC was contacted by an affected individual today who confirmed that names, addresses, SSNs and dates of birth were exposed.

Information Source:Dataloss DB

records from this breach used in our total: 1,400,000

November 2, 2006

Greater Media, Inc.Philadelphia, Pennsylvania

BSO

PORT

Unknown

A laptop computer containing
the Social Security numbers of the radio broadcasting company's current
and former employees was stolen from their Philadelphia offices.

Three disks containing billing
information, patient names and Social Security numbers, were lost
in the mail.

Information Source:Dataloss DB

records from this breach used in our total: 1,400

November 2, 2006

Intermountain Health CareSalt Lake City, Utah

MED

PORT

6,244

A computer was purchased
at a second-hand store, Deseret Industries, that contained the names,
Social Security numbers, employment records, and other personal information
about Intermountain Health Care employees employed there in 1999-2000.

Information Source:Dataloss DB

records from this breach used in our total: 6,244

November 2, 2006

CompulinxWhite Plains, New York

BSO

INSD

Up to 50 Compulinx employees

The CEO of Compulinx was
arrested for fraudulently using employees' names, addresses, Social
Security numbers and other personal information for credit purposes.
(It is unclear whether customers' data was also used).

Information Source:Media

records from this breach used in our total: 50

November 3, 2006

University of Virginia (UVA)Charlottesville, Virginia

EDU

DISC

632 students

Due to a computer programming
error, Student Financial Services sent e-mail messages to students
containing 632 other students' Social Security numbers.

Information Source:Dataloss DB

records from this breach used in our total: 632

November 3, 2006

West Shore BankLudington, Michigan

BSF

CARD

About 1,000

Customers' debit cards and
possibly credit cards were compromised from a security break last
summer at a common MasterCard point-of-purchase provider.

Starbucks lost track of
four laptop computers. Two held employee names, addresses, and Social
Security numbers. Current and former U.S. employees and about 80 Canadian workers and contractors were affected.

The police dept. accidentally
published a report on their website containing personal information
on nearly 200 people the police had contact with on Oct. 21. Data
included names, Social Security numbers, driver's license numbers,
etc.

Information Source:Dataloss DB

records from this breach used in our total: 200

November 6, 2006

Ingersoll RandMontvale, New Jersey

BSO

PORT

1510

The September 29 theft of an employee's laptop resulted in the exposure of emails with names and Social Security numbers of former employees. The laptop was stolen from the employee's car while it sat in a restaurant parking lot.

Information Source:Dataloss DB

records from this breach used in our total: 1,510

November 7, 2006

City of LubbockLubbock, Texas

GOV

HACK

5,800

Hackers broke into the city's
web site and compromised the online job application database, which
included Social Security numbers.

Information Source:Dataloss DB

records from this breach used in our total: 5,800

November 7, 2006

Lehman CollegeBronx, New York

EDU

DISC

768

A class of 2006 Fall graduation list was found to be accessible online. The file had only been available for 17 hours. Classes, majors, names, Social Security numbers, addresses, home phone numbers and dates of birth were on the list.

Information Source:Dataloss DB

records from this breach used in our total: 768

November 7, 2006

CIGNA HealthCare CorpBloomfield, Connecticut

BSF

PORT

156 (149 SSNs)

The location listed is the headquarters. The breach may have occurred elsewhere.

The July 11 theft of an employee's laptop left sensitive data exposed. Names, tax identification numbers and Social Security numbers of people who used their Social Security number as a tax ID were exposed.

Information Source:Dataloss DB

records from this breach used in our total: 149

November 9, 2006

Four ARCO gas stationsCosta Mesa, California

BSR

CARD

At least 440

Additional locations: Westminster and Torrance, CA

From Sept. 29 to Oct. 9,
thieves used card skimmers to steal bank account numbers and PIN codes
from gas station customers and used the information to fabricate debit
cards and make ATM withdrawals.

Information Source:Dataloss DB

records from this breach used in our total: 440

November 10, 2006

KSL Services, Inc.Los Alamos, New Mexico

BSO

PORT

Approximately 1,000

A disk containing the personal
information of approximately 1,000 KSL employees is missing. KSL is
a contractor for Los Alamos National Laboratory.

Information Source:Dataloss DB

records from this breach used in our total: 1,000

November 10, 2006

NYS Higher Education ServicesAlbany, New York

EDU

PHYS

49

Paper documents were lost when the package containing them was damaged by a carrier's mechanical equipment. The documents may have been thrown away by the carrier. The information on the documents included name, Social Security number and address. At least 49 New York residents were affected, but the total number of people affected nationwide was not disclosed.

Information Source:Dataloss DB

records from this breach used in our total: 49

Breach Total

815,842,526 RECORDS BREACHED(Please see explanation about this total.)from 4,489 DATA BREACHES made public since 2005